Ride the Lightning

Cybersecurity and Future of Law Practice Blog
by Sharon D. Nelson Esq., President of Sensei Enterprises, Inc.

Microsoft Will Add “Nation-State Activity Alerts” to Defender for Microsoft 365

February 24, 2021

ZDNet reported on February 8 that Microsoft will be adding a new security alert to the dashboard of Microsoft Defender for Office 365 (formerly Office 365 Advanced Threat Protection) that will notify companies when their employees are being targeted by nation-state threat actors.

The feature has been added to the Microsoft 365 roadmap website.

The concept has been around since 2016, when Microsoft began tracking nation-state hacking groups and the attacks they orchestrate against Microsoft email accounts.

If a user is targeted or compromised in one of these attacks, Microsoft sends them an email about the attack, along with basic advice to re-secure their inbox and devices. In 2019, Microsoft said that it usually notifies around 10,000 users per year of nation-state attacks.

So, what was the problem? That procedure relies on users reading their email and taking action, which doesn’t always happen. Users don’t read their emails daily, or it might take hours before the user reaches the notification in crowded inboxes, a time during which attackers could steal sensitive documents.

For organizations who are customers of Microsoft’s Office 365 service, Microsoft will add these notifications inside the dashboard of Microsoft Defender for Office 365, the cloud-based security platform that scans a company’s Office 365 accounts for threats.

The critical difference is that the notification will also appear for system administrators and security teams, who can act on it immediately by calling the affected employees, resetting email account passwords, resetting other internal passwords, or by undertaking a broader security audit.

Microsoft expects this feature to be in place by the end of February.

In case you were wondering, similar alerts for nation-state attacks are also available for Yahoo accounts, public Gmail accounts, and G Suite accounts. Facebook also warns users of nation-state attacks against its social media accounts.

The very idea of nation-state attack alerts would have been unheard of not all that long ago!

Hat tip to Dave Ries.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Sharon D. Nelson, Esq.
President

Subscribe in a Reader

Cookie	Duration	Description
cookielawinfo-checbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Ride the Lightning

Microsoft Will Add “Nation-State Activity Alerts” to Defender for Microsoft 365

Subscribe for More!

Recent Posts

Listen to the Podcast

Disclaimer